Improved Login security
This commit is contained in:
parent
551f83672e
commit
a457261ee5
4
.project
4
.project
@ -21,12 +21,12 @@
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.m2e.core.maven2Builder</name>
|
||||
<name>org.hibernate.eclipse.console.hibernateBuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.hibernate.eclipse.console.hibernateBuilder</name>
|
||||
<name>org.eclipse.m2e.core.maven2Builder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
|
@ -93,21 +93,21 @@ public class LoginCredentialProcessor implements ObjectProcessor<LoginCredential
|
||||
|
||||
// Checking if user is already online
|
||||
if (connectionManager.isOnline(user.getID())) {
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.ALREADY_ONLINE));
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.INTERNAL_ERROR));
|
||||
return null;
|
||||
}
|
||||
// Evaluating the correctness of the password hash
|
||||
if (!Arrays.equals(credentials.getPasswordHash(), user.getPasswordHash())) {
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.WRONG_PASSWORD));
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.WRONG_PASSWORD_OR_USER));
|
||||
return null;
|
||||
}
|
||||
return user;
|
||||
} catch (NoResultException e) {
|
||||
// Checking if user exists
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.USER_DOES_NOT_EXIST));
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.INTERNAL_ERROR));
|
||||
} catch (InputMismatchException e) {
|
||||
// Checking if the given password hash is correct
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.WRONG_PASSWORD));
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.WRONG_PASSWORD_OR_USER));
|
||||
}
|
||||
return null;
|
||||
}
|
||||
@ -127,7 +127,7 @@ public class LoginCredentialProcessor implements ObjectProcessor<LoginCredential
|
||||
// Checking that no user already has this identifier
|
||||
PersistenceManager.getInstance().getUserByName(credentials.getIdentifier());
|
||||
// this code only gets executed if this user already exists
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.USER_EXISTS_ALREADY));
|
||||
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.INTERNAL_ERROR));
|
||||
return null;
|
||||
} catch (NoResultException e) {
|
||||
// Creation of a new user
|
||||
|
Reference in New Issue
Block a user